Go to OpenReview Archive homepageLearning to Attack Distributionally Robust Federated Learning
Abstract: We propose a two-stage attack framework that leverages the power of distribution
matching and deep reinforcement learning to learn attack policies against federated
learning. Our two-stage attack effectively learns an attack policy that minimizes
the robustness levels of distributionally robust federated models, and substantially
jeopardizes the performance of the federated learning systems even when the server
imposes defense mechanisms. Our work brings new insights into how to attack
federated learning systems with model-based reinforcement learning.
0 Replies
Loading